Overview

The Intermunicipal Association for Public Health in the Region of Charleroi (ISPPC or Intercommunale de Santé Publique du Pays de Charleroi) stands for consistent, high quality care. The association manages the public hospital CHU de Charleroi as well as various services including three nursing homes and care centers, a center for youth care, out-of-school care and creches. In total, the group manages 77 sites. Specifically for CHU de Charleroi, it concerns 5 hospitals with a total of 4,200 employees and more than 400 affiliated doctors.

IT is becoming increasingly important in a hospital. “It is even critical, because the hospital could no longer function without IT. After all, everything is digital, from the EPD (Electronic Patient Dossier) up to communication (VoIP) and the functioning of the lab. But at least as important - and often vital - is the monitoring of patients (cardiac, neonatal, ...) and the building (fire detection, temperature, ...), “says Pierre Jaradin, Network Administrator at ISPPC. A recent initiative that illustrates the importance of IT in the hospital is the home-made Real Time Healthcare System (RTHS) that collects, analyzes and integrates data. In addition, the opportunities offered by IoT are examined: the refrigerators’ temperature is being monitored and IoT is also considered in combination with all possible alarms and communication systems (fire, nurse call, GTC, access control).

Challenges

One of the biggest challenges of CHU de Charleroi is how to combine the many locations with the openness of IT in a hospital. “We keep our information systems as open as possible: for the medical staff, for the patients, but also for the visitors, among others. There are many ports, many networks, more and more machines that need to be connected to the network, more and more data ... The challenge consists in making sure that all this is fully secured and that only the authorized persons have access to the patients’ sensitive data."

CHU de Charleroi therefore needed a fully integrated global security solution including network security (IPS / IDS), virtual patching, sandboxing and consolidated visibility (SIEM). Pierre Jaradin: "We wanted our solution to be as proactive as possible.” An additional challenge for the IT department is that the financial resources in the public sector are rather limited, nowhere near, for example, the banking industry. “Yet we might be the second most vulnerable and targeted sector, ranking immediately behind the banking industry."

"The Trend Micro products offer a defense at all levels (network, system, gateway), and various functions take work off our hands."

Pierre Jaradin,Network Administrator at ISPPC

Why Trend Micro

CHU de Charleroi was looking for a solution that offered maximum protection with a minimum of management requirements. The above challenges do require more resources, but there is not always a budget for additional staff. Pierre Jaradin: “That’s one of the reasons why we have opted for a global, integrated security solution from Trend Micro. The Trend Micro products offer a defense at all levels (network, system, gateway). And various functions take work off our hands. Take the Control Manager, for example: it functions as a SIEM and enables the sharing of information about threats for all security systems.“

Solution

“We have opted for a global and integrated security solution because our team needs to manage various products (for the proxy, network, gateway, …). Having to train someone for a completely different system every time costs a lot of time and money. Moreover, our IT team operates 24/7, because a hospital does not stop at 8 pm. Therefore, our IT staff needs backups as well, so it is useful when you limit the required knowledge to the solutions of just a minimum of vendors. CHU de Charleroi selected OfficeScan (for the 2,100 workstations), ScanMail for Exchange (for the internal mail servers), Deep Discovery Inspector (to monitor the networks), Deep Discovery Analyzer (with sandboxing for all products), Interscan Web Security Virtual (IWSva for web proxy) and Interscan Messaging Security Virtual (IMSva for Mail gateway), the Trend Micro Control Manager and Deep Security (for the 600 virtual servers).

"The mail gateway receives 780,000 e-mails per month. 15,000 of these are spam and about 100 contain critical malware. Nowadays, all of these get detected thanks to Trend Micro solutions."

Pierre Jaradin,Network Administrator at ISPPC

Results

The different tools have a positive impact on several levels. The hospital’s overall IT security benefits, among others, from the sandboxing against advanced threats. “Each month about 38,000 files (documents, URLs, ...) are checked via sandboxing. In the last three months, 17 suspicious files totally unknown by security solutions have been detected and stopped. The mail gateway receives 780,000 e-mails per month. 15,000 of these are spam and about 100 contain critical malware. Nowadays, all of these get detected too, “says Pierre Jaradin.

The IT team itself also benefits from the new solution, mostly from the simplified management. The overview offered through Trend Micro Control Manager, the centralization of the logs and the increased proactivity in case of possible attacks are a tremendous help.